Date : 04-25-2020
2FA is a short form for two-factor authentication. Any method that requires you to confirm your identity a second time is considered two-factor authentication (2FA). For example, if you have set up 2FA on a Google account they normally prompt your mobile device to confirm it is you logging into your account and not a third-party without your knowledge. Other common examples are when websites/accounts send you a code to your phone or email. This process is done as an additional layer of security to protect your account for unauthorized access.
With technology nowadays, just a regular password is not always enough. There are so many tools out there that can crack passwords and this is mainly because most people’s life is on the internet. What providers and consumers do not realize and really have not taken into consideration is people will not/do not remember thirty different passwords or complex passwords for that matter. We can guarantee most users that have multiple online accounts use the same passwords over and over, this is bad practice but it is common and chances are this will never change. Which frankly, is expected, think about it how likely are you going to memorize ten different passwords that look similar to !3x#lAkqO4. The mentioned example above alone could show how important and secure 2FA is.
As we know 2FA is a rather new technology that has recently been adopted by several companies and providers. However, there are several providers that do not offer this form of service which in our opinion is a very bad practice. To elaborate, by implementing 2FA technology to websites and accounts, providers can add an additional layer of security for all their customers and clients by forcing everyone to authenticate an additional time when logging into their account. Some may argue it is annoying and cumbersome to verify an additional time every time they log into their account, and yes we do agree with that, however, wouldn’t you rather spend a few extra seconds verifying it is you instead of giving the opportunity for a hacker to get your information and misuse your credentials?
A good example of this is the big controversy that was all over the news regarding the Ring security camera. For those who do not know, recently, one of Ring’s security cameras was hacked into and the hacker ended up communicating with a child through the security camera. The main argument Ring provided for this issue is the client/customer did not enable 2FA and while that is valid reasoning, we do believe the fault is on Ring. The reason we say that is because Ring should have made 2FA a mandatory option and not optional. If they did make it mandatory the second someone logged into the account or tried, they would have had to authenticate an additional time preventing them from accessing the account or at the least notified an additional login alert/email. Nowadays, hackers are everywhere and always monitoring most networks especially open ones like Starbucks and McDonalds. Having 2FA reduces the risk of being hacked ten-fold.
Generally speaking, there are several ways to enable 2FA and it differs from account to account. But usually, two-factor authentication can be activated through your security settings. Most of the time you may have to type your password in one more time to confirm you are making this change but after that, you may enable two-factor authentication. There are several methods of two-factor authentication as mentioned previously in this blog. In case you missed those methods, they are email verification, phone verification, text verification, authenticator app verification such as (Google Authenticator, Duo, Authy, etc.). When enabling 2FA on your account usually you are required to authenticate during setup. To explain, if you selected text verification and are in the setup process the account/system will automatically send you a text verification with the code to enter into a designated field. This code you receive always changes and is only valid for a short amount of time until you are required to request another code. So make sure the device you are using as the authorization device is near you at all times, if not you will not be able to completely enable 2FA.